chore: publish 1.3.0+v1.55.2 release

Closes https://git.coopcloud.tech/coop-cloud/matrix-synapse/issues/25.

.env.sample

@@ -15,6 +15,9 @@ COMPOSE_FILE="compose.yml"
 
 #DISABLE_FEDERATION=1
 
+ENABLE_REGISTRATION=false
+PASSWORD_LOGIN_ENABLED=true
+
 #AUTO_JOIN_ROOM_ENABLED=1
 #AUTO_JOIN_ROOM="#example:example.com"
 

abra.sh

@@ -1,3 +1,3 @@
 export ENTRYPOINT_CONF_VERSION=v1
-export HOMESERVER_YAML_VERSION=v3
+export HOMESERVER_YAML_VERSION=v6
 export LOG_CONFIG_VERSION=v2

compose.keycloak2.yml

@@ -0,0 +1,17 @@
+---
+version: "3.8"
+
+services:
+  app:
+    secrets:
+      - keycloak2_client_secret
+    environment:
+      - KEYCLOAK2_CLIENT_ID
+      - KEYCLOAK2_ENABLED
+      - KEYCLOAK2_NAME
+      - KEYCLOAK2_URL
+
+secrets:
+  keycloak2_client_secret:
+    external: true
+    name: ${STACK_NAME}_keycloak2_client_secret_${SECRET_KEYCLOAK2_CLIENT_SECRET_VERSION}

compose.yml

@@ -3,7 +3,7 @@ version: "3.8"
 
 services:
   app:
-    image: "matrixdotorg/synapse:v1.52.0"
+    image: "matrixdotorg/synapse:v1.55.2"
     volumes:
       - "data:/data"
     secrets:
@@ -18,8 +18,10 @@ services:
       - DOMAIN
       - ENABLE_3PID_LOOKUP
       - ENABLE_ALLOWLIST
+      - ENABLE_REGISTRATION
       - FEDERATION_ALLOWLIST
       - LETSENCRYPT_HOST=${DOMAIN}
+      - PASSWORD_LOGIN_ENABLED
       - REDACTION_RETENTION_PERIOD
       - ROOT_LOG_LEVEL
       - SQL_LOG_LEVEL
@@ -51,15 +53,17 @@ services:
         - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`)"
         - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
         - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
-        - "coop-cloud.${STACK_NAME}.version=1.2.0+v1.52.0"
+        - "coop-cloud.${STACK_NAME}.version=1.3.0+v1.55.2"
 
   db:
     image: postgres:13-alpine
     secrets:
       - db_password
     environment:
+      - LC_COLLATE=C
+      - LC_CTYPE=C
       - POSTGRES_DB=synapse
-      - POSTGRES_INITDB_ARGS="--encoding=UTF-8 --lc-collate=C --lc-ctype=C"
+      - POSTGRES_INITDB_ARGS="-E \"UTF8\""
       - POSTGRES_PASSWORD_FILE=/run/secrets/db_password
       - POSTGRES_USER=synapse
     networks:

homeserver.yaml.tmpl

@@ -1169,7 +1169,7 @@ turn_allow_guests: {{ env "TURN_ALLOW_GUESTS" }}
 
 # Enable registration for new users.
 #
-#enable_registration: false
+enable_registration: {{ env "ENABLE_REGISTRATION" }}
 
 # Time that a user's session remains valid for, after they log in.
 #
@@ -1897,6 +1897,19 @@ oidc_providers:
         display_name_template: "{{ "{{ user.name }}" }}"
   {{ end }}
 
+  {{ if eq (env "KEYCLOAK2_ENABLED") "1" }}
+  - idp_id: keycloak2
+    idp_name: {{ env "KEYCLOAK2_NAME" }}
+    issuer: "{{ env "KEYCLOAK2_URL" }}"
+    client_id: "{{ env "KEYCLOAK2_CLIENT_ID" }}"
+    client_secret: "{{ secret "keycloak2_client_secret" }}"
+    scopes: ["openid", "profile"]
+    user_mapping_provider:
+      config:
+        localpart_template: "{{ "{{ user.preferred_username }}" }}"
+        display_name_template: "{{ "{{ user.name }}" }}"
+  {{ end }}
+
 
 # Enable Central Authentication Service (CAS) for registration and login.
 #
@@ -2035,7 +2048,7 @@ sso:
 password_config:
    # Uncomment to disable password login
    #
-   #enabled: false
+   enabled: {{ env "PASSWORD_LOGIN_ENABLED" }}
 
    # Uncomment to disable authentication against the local password
    # database. This is ignored if `enabled` is false, and is only useful

release/1.3.0+v1.55.2

@@ -0,0 +1,3 @@
+The deployment failed due to the app/db getting confused. I think this is just
+due to the recipe not having good healthcheck config. After the app container
+flapped a bit, everything came up nicely. d1 @ autonomic co-op